HELLO AND WELCOME! Before you can post your question, you'll have to register -- it's completely free and registered users see less advertising! If you just want to browse through the existing questions, just select the forum that you want to visit from the selection below. Otherwise, click here to register!. We highly recommend that you print a copy of our Guide for New Members. Enjoy!

Hybrid View

Q for Sys admins: Blocking P2P

I work for University and of couse we follow strict policies when it comes to copy write violations namely sharing pirated software on P2P file sharing software. I've had trouble with some users putting Kazaa, bearshare and limewire on computers on my network. Does anyone know if Kazaa,bearshare,napster,limewire and others use a common port to talk to each other? I'd like to block this at the router.

Re:Q for Sys admins: Blocking P2P

AFAIK if you goto the gnutella client homepages, they have the port lists that gnutella clients use. I would suppose going to a Napster clients' homepage that could be resolved (although Napster is pretty safe these days -- no more copyright infringment is allowed for free). I dont know of any clients that can dynamically change ports for situations like this (other than on direct user to user transfers). They still need to connect to the network, so blocking the main port should suffice.

Re:Q for Sys admins: Blocking P2P

if not blocking the main port will at least drasitcally reduce the traffic caused by these. i read an article on /. about how much bandwidth P2P sucks up, not just with file transfers but with all the other crap that comes with them.

make sure you try to block imesh too. i use that and they have a pretty big fanbase too.

from a general look at my ports and connections when running kazaa, i think the port is 1214. when i block that port it appeared to do nothing to kazaa's abilities

Re:Q for Sys admins: Blocking P2P

try this out for size, maybe it will assist a bit. There is a process in which a server handshakes a client to create a converstation -- block that. I know its a breeze in OpenBSD with pf. I have ZERO experience in Linux firewall solutions, and most Winderz firewalls have some sort of pulldown or check box to accomplish this.

Re:Q for Sys admins: Blocking P2P

cant you block them from downloading mp3's and mpegs rather than blocking the port?

i read somewhere( i dont remember where but if find the link i'll post it ) something about kazaa or gnutells or one of theose file sharing programs no using only 1 port but a buch of ports just incase their nornal port is blocked.

If you use the firewall to block mp3 or any kind of media file i think that would be easier.

Re:Q for Sys admins: Blocking P2P

even if you decided to block just mp3, i don't think that would exactly work, as it depends entirely on the protocol as to how the file is requested, and you'd prolly need to have special software to be able to detect when a gnutella client is asking for an mp3. also, there are legitimate reasons to download mp3's. i run the website for a youth symphony, and we put up mp3's of the concerts so parents can dl them and oooooh and aaaahh.

also, it's more than just the file transfers that kill bandwidth when dealing with P2P. i read about an interesting article on slashdot, and it is very relevant to this topic and worth a read.